The U.S. Treasury. (Sealy J. via Wikipedia/CC)
Network intrusions at the U.S. Commerce Department, the U.S. Treasury, FireEye and more all appear to be linked to subverted software updates for a network monitoring product called Orion, made by SolarWinds.
On Sunday, the U.S. Commerce Department confirmed it had been targeted by hackers, and the U.S. Treasury has also reportedly been struck. On Monday, new victims were added to the list: the Department of Homeland Security, State Department and National Institutes of Health, The Washington Post reports.
Reuters first reported the incidents, with the Post suggesting that a Russian hacking group known as Cozy Bear, aka APT29, is the source.
Get Permission
The Cybersecurity and Infrastructure Security Agency is warning that local K-12 schools districts are increasingly under assault by cyberthreats targeting vulnerable networks that are disrupting physical and virtual education throughout the U.S.
A CISA advisory notes the most significant cyberthreats to schools include ransomware, Trojans and other malware, as well as distributed denial-of-service attacks, with threat actors likely to view local school districts as opportunistic targets. The agency also says that these types of attacks are expected to continue throughout the current academic year and could be especially disruptive to distance learning. These issues will be particularly challenging for K-12 schools that face resource limitations; therefore, educational leadership, information technology personnel, and security personnel will need to balance this risk when determining their cybersecurity investments, according to CISA.